ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
feat/000-specify-deprecate
TenantAtlas/specs/006-sot-foundations-assignments/plan.md
ahmido b9c47e7973 feat/006-sot-foundations-assignments (#6) 
## Summary
<!-- Kurz: Was ändert sich und warum? -->

## Spec-Driven Development (SDD)
- [ ] Es gibt eine Spec unter `specs/<NNN>-<feature>/`
- [ ] Enthaltene Dateien: `plan.md`, `tasks.md`, `spec.md`
- [ ] Spec beschreibt Verhalten/Acceptance Criteria (nicht nur Implementation)
- [ ] Wenn sich Anforderungen während der Umsetzung geändert haben: Spec/Plan/Tasks wurden aktualisiert

## Implementation
- [ ] Implementierung entspricht der Spec
- [ ] Edge cases / Fehlerfälle berücksichtigt
- [ ] Keine unbeabsichtigten Änderungen außerhalb des Scopes

## Tests
- [ ] Tests ergänzt/aktualisiert (Pest/PHPUnit)
- [ ] Relevante Tests lokal ausgeführt (`./vendor/bin/sail artisan test` oder `php artisan test`)

## Migration / Config / Ops (falls relevant)
- [ ] Migration(en) enthalten und getestet
- [ ] Rollback bedacht (rückwärts kompatibel, sichere Migration)
- [ ] Neue Env Vars dokumentiert (`.env.example` / Doku)
- [ ] Queue/cron/storage Auswirkungen geprüft

## UI (Filament/Livewire) (falls relevant)
- [ ] UI-Flows geprüft
- [ ] Screenshots/Notizen hinzugefügt

## Notes
<!-- Links, Screenshots, Follow-ups, offene Punkte -->

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #6
2025-12-25 14:25:16 +00:00

4.5 KiB
Raw Permalink Blame History

Implementation Plan: SoT Foundations & Assignments

Branch: 006-sot-foundations-assignments | Date: 2025-12-25 | Spec: ./spec.md Input: Feature specification from /specs/006-sot-foundations-assignments/spec.md

Note: This template is filled in by the /speckit.plan command. See .specify/templates/commands/plan.md for the execution workflow.

Summary

Implement foundations-first backup/restore for Intune dependencies (Assignment Filters, Scope Tags, Notification Message Templates) and extend restore to be assignment-aware using a deterministic old→new ID mapping report. Conditional Access remains preview-only (never executed) until its dependency mapping is supported.

Phase outputs:

  • Phase 0 research: ./research.md
  • Phase 1 design: ./data-model.md, ./contracts/, ./quickstart.md

Technical Context

Language/Version: PHP 8.4 (Laravel 12)
Primary Dependencies: Laravel 12, Filament v4, Livewire v3, Microsoft Graph (custom client abstraction)
Storage: PostgreSQL (JSONB payload storage for snapshots)
Testing: Pest v4 + PHPUnit 12
Target Platform: Docker/Sail locally; container deploy via Dokploy Project Type: Web application (Laravel backend + Filament admin UI)
Performance Goals: Restore preview for ~100 items in <2 minutes (SC-003); handle Graph paging and throttling safely
Constraints: Restore must be defensive: no deletions; skip unsafe assignments; produce audit/report; respect Graph throttling
Scale/Scope: Tenants with large policy inventories; focus on foundational object types + assignment application for already-supported policy types

Constitution Check

GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.

The constitution at .specify/memory/constitution.md is currently an unfilled template (no ratified gates). For this feature, adopt the repos documented operating rules as gates:

  • Sail-first local dev/test commands.
  • SpecKit Gate Rule: code changes must be accompanied by specs/006-sot-foundations-assignments/ updates.
  • Testing is required: every behavioral change covered by Pest tests.
  • Safety: restore never deletes; assignments only applied when mapped; CA stays preview-only.
  • Auditability: restore/backup outcomes recorded and tenant-scoped.

If the team later ratifies a real constitution, re-map these gates accordingly.

Post-Phase 1 re-check: Pass (no violations introduced by the Phase 1 design artifacts).

Project Structure

Documentation (this feature)

specs/[###-feature]/
├── plan.md              # This file (/speckit.plan command output)
├── research.md          # Phase 0 output (/speckit.plan command)
├── data-model.md        # Phase 1 output (/speckit.plan command)
├── quickstart.md        # Phase 1 output (/speckit.plan command)
├── contracts/           # Phase 1 output (/speckit.plan command)
└── tasks.md             # Phase 2 output (/speckit.tasks command - NOT created by /speckit.plan)

Source Code (repository root)

app/
├── Filament/
│   └── Resources/
├── Jobs/
├── Models/
│   ├── BackupItem.php
│   ├── BackupSet.php
│   └── RestoreRun.php
├── Services/
│   ├── Graph/
│   └── Intune/
└── Support/

config/
├── graph_contracts.php
└── tenantpilot.php

database/
├── migrations/
└── factories/

tests/
├── Feature/
└── Unit/

Structure Decision: Implement as incremental additions to existing Laravel services/models/jobs, with Filament UI using the existing Backup/Restore flows.

Complexity Tracking

Fill ONLY if Constitution Check has violations that must be justified

Violation Why Needed Simpler Alternative Rejected Because
[e.g., 4th project] [current need] [why 3 projects insufficient]
[e.g., Repository pattern] [specific problem] [why direct DB access insufficient]